2240914 – (CVE-2023-4535) CVE-2023-4535 OpenSC: out-of-bounds read in MyEID driver handling encryption using symmetric keys

Bug 2240914 (CVE-2023-4535) - CVE-2023-4535 OpenSC: out-of-bounds read in MyEID driver handling encryption using symmetric keys

Summary: CVE-2023-4535 OpenSC: out-of-bounds read in MyEID driver handling encryption ...

Keywords:
Status:	NEW
Alias:	CVE-2023-4535
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2248101
Blocks:	2240943
TreeView+	depends on / blocked

Reported:	2023-09-27 08:41 UTC by TEJ RATHI
Modified:	2023-12-18 11:01 UTC (History)
CC List:	1 user (show)
Fixed In Version:	OpenSC 0.24.0-rc1
Doc Type:	If docs needed, set a value
Doc Text:	An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:7879	0	None	None	None	2023-12-18 11:01:52 UTC

Description TEJ RATHI 2023-09-27 08:41:17 UTC

An out-of-bounds read in MyEID driver handling encryption using symmetric keys. An attacker with physical access to the computer running opensc and crafted USB device or smart card that would present the system with specially crafted responses to the APDUs so they are considered a high-complexity and low-severity.

This issue is in the code handling symmetric keys, which are not widely used for example for desktop login so most of the deployments are not affected.

https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651
https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories
https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1

Comment 3 TEJ RATHI 2023-11-06 06:23:56 UTC

Created opensc tracking bugs for this issue:

Affects: fedora-all [bug 2248101]

Comment 4 errata-xmlrpc 2023-12-18 11:01:51 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:7879 https://access.redhat.com/errata/RHSA-2023:7879

Note You need to log in before you can comment on or make changes to this bug.